package com.mall.order.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * http安全配置
     *
     * @param http http安全对象
     * @throws Exception http安全异常信息
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.formLogin()
//                .loginPage("/login") //自定义表单登录页面
//                .and()
//                .logout().logoutUrl("/loginOut")//自定义登出url
//                .and()
//                .authorizeRequests()
//                .antMatchers("/login","/login.html").permitAll()
//                .anyRequest()
//                .authenticated()
//                .and()
//                .csrf().disable().cors();

    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        //配置不拦截的静态资源
        web.ignoring().antMatchers(
                "/error",
                "/static/**",
                "/webjars/**",
                "/favicon.ico"
        );
    }
}
